Work in Iowa Green Jobs

Job Information

Wells Fargo OSRT - Automation & Simulation - Cyber Security Research Scientist 3 in Des Moines, Iowa

Job Description

Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as 'Personal Cell' or 'Cellular' in the contact information of your application.

At Wells Fargo, we are looking for talented people who will put our customers at the center of everything we do. We are seeking candidates who embrace diversity, equity and inclusion in a workplace where everyone feels valued and inspired.

Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure; provides information security; and enables Wells Fargo global customers to have 24 hours a day, 7 days a week banking access through in-branch, online, ATMs, and other channels.

Our mission is to deliver stable, secure, scalable, and innovative services at speeds that delight and satisfy our customers and unleash the skills potential of our employees.

The Information and Cyber Security (ICS) team is embarking on a multi-year initiative to improve Wells Fargo's resiliency to the tactics, and techniques used by today's most advanced adversaries. ICS is looking to bring together a multi-functional, agile team to partner across disciplines in order to create a more secure future for the company and its customers. Join a team of dedicated Cybersecurity professionals working to implement cutting edge threat detection and prevention tools and techniques.

Our Enterprise Information Security team is looking for a strong cyber security professional to join our Cyber Security Defense and Monitoring Team. This role will involve performing cutting-edge research on new attack vectors, techniques, and tactics. This role will emulate adversarial attacks in order to provide information to Wells Fargo Lines of Business with the overall goal of providing knowledge of indicators or compromise and TTP (Tools, Tactics, and Procedures) to other teams. Team member will be responsible for creating attack chains and will explain how combining different weaknesses can result in higher impact. This team member must be able to utilize complex hacking tools, create proof of concept exploits, and document attack chains so they can be re-created and defensive tactics developed for them. This role will research, analyze, design, test, and implement complex technologies, systems, and applications. This position reports to the Cyber Threat Management – Offensive Security Research Team and works closely with teams in a purple team capacity.

Responsibilities:

  • Conduct Threat Emulation

  • Conduct innovative research in cyber security

  • Conduct active offensive security operations

  • Conducts physical security assessments

  • Develop custom penetration testing tools

  • Develop in-depth findings report

  • Communicate findings to lines of business based on inherit risks

  • Participate in purple teaming

  • Train/Mentor more junior members of team

  • Work with the leadership team to identify opportunities and process improvements

Required Qualifications

  • 5+ years of information security experience in converged testing (red teaming) demonstrated through work or military experience

  • 1+ year of experience in network, social, and physical domains demonstrated through work or military experience

  • 5+ years of experience in one or a combination of the following: creating proof of concepts, creating exploits, or reverse engineering demonstrated through work or military experience

Desired Qualifications

  • Expert information security technical skills

  • Proficient in working with systems, networks, and application vulnerability testing

  • Ability to manage complex security scenarios and develop innovative solutions to address the most recent cyber threats

  • Knowledge and understanding of mitigating security controls (, antivirus, IPS or IDS, email filtering, web site blocking, patching) and how they work in an overall defense in depth risk assessment methodology

  • Security engineering experience that includes knowledge and understanding of recent research and industrial advances in one or more of the following areas: computer and communication networks, cyber security threat detection, cyber security experimentation and testing, innovative research in cyber security, physical security controls and their weaknesses, debugging, hardware and device hacking, or electronics security

  • Knowledge and understanding of Python, Ruby, PowerShell, and Shell scripting

  • Physical hardware hacking experience

  • Ability to work effectively, as well as independently, in a team environment

  • Strong organizational, multi-tasking, and prioritizing skills

  • Ability to handle confidential material in a professional manner

  • Knowledge and understanding of banking or financial services industry

  • Experience working in a large enterprise environment

  • Knowledge and understanding of system/application architecture and design concepts

  • Ability to present complex material in a digestible, consumable manner to all levels of management

Other Desired Qualifications

  • Ability to create tools from scratch and lead tool development projects

  • Experience partnering with Blue teams in simulated attack environments.

  • Reverse engineering and reusing exploits

  • Highly experienced with operating system and application hardening best practices

  • Strong ability to find and dissect vulnerabilities without using standard tools

  • Demonstrates issue resolution and negotiation skills;

  • Comprehensive understanding of recent research and industry advances in the following areas: Computer and communication networks, Cyber security threat detection, Cyber security experimentation/testing, and Assembly.

  • Significant experience identifying security vulnerabilities for the company's networks, application systems, hardware infrastructure and emerging technologies to improve the enterprise information security posture.

  • Certifications in one or more of the following: Global Information Assurance Certification (GIAC/SANS), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE), Offensive Security Web Expert (OSWE), or Amazon AWS Certifications.

Job Expectations

  • Ability to travel up to 5% of the time

Street Address

NC-Charlotte: 401 S Tryon St - Charlotte, NC

NC-Charlotte: 1525 W Wt Harris Blvd - Charlotte, NC

NC-Winston Salem: 809 W 4 1/2 St - Winston Salem, NC

VA-Glen Allen: 4340 Innslake Dr - Glen Allen, VA

NC-Raleigh: 1100 Corporate Center Dr - Raleigh, NC

AZ-Chandler: 2600 S Price Rd - Chandler, AZ

AZ-PHX-Central Phoenix: 100 W Washington St - Phoenix, AZ

AZ-PHX-Northwest Phoenix: 2222 W Rose Garden Ln - Phoenix, AZ

AZ-Tempe: 1305 W 23rd St - Tempe, AZ

TX-Plano: 4975 Preston Park Blvd - Plano, TX

TX-Irving: 2975 Regent Blvd - Irving, TX

MN-Minneapolis: 600 S 4th St - Minneapolis, MN

MN-Minneapolis: 255 2nd Ave S - Minneapolis, MN

MN-Minneapolis: 425 E Hennepin Ave - Minneapolis, MN

MN-Saint Louis Park: 600 Highway 169 S - Saint Louis Park, MN

IA-Des Moines: 800 Walnut St - Des Moines, IA

MO-Saint Louis: 1 N Jefferson Ave - Saint Louis, MO

TX-San Antonio: 4101 Wiseman Blvd - San Antonio, TX

PA-Philadelphia: 101 N Independence Mall E - Philadelphia, PA

IL-Chicago: 10 S Wacker Drive - Chicago, IL

DC-Washington: 1700 K Street NorthWest - Washington, DC

CA-SF-Financial District: 333 Market St - San Francisco, CA

MA-Boston: 125 High Street - Boston, MA

NY-New York: 150 E 42nd St - New York, NY

Disclaimer

All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act.

Relevant military experience is considered for veterans and transitioning service men and women.

Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

Benefits Summary

Benefits

Visit https://www.wellsfargo.com/about/careers/benefits for benefits information.

Company: Wells Fargo

Req Number: 5576349-24

Updated: 2021-05-18 01:12:06.227 UTC

Location: Des Moines,IA

DirectEmployers